package com.pw.demo3.config;

import com.pw.demo3.bean.*;
import com.pw.demo3.service.EmployeeService;
import com.pw.demo3.service.RoleService;
import com.pw.demo3.service.impl.EmployeeRoleServiceImpl;
import com.pw.demo3.service.impl.PermissionServiceImpl;
import com.pw.demo3.service.impl.RolePermissionServiceImpl;
import com.pw.demo3.service.impl.RoleServiceImpl;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.util.ByteSource;
import org.springframework.beans.factory.annotation.Autowired;

import java.util.ArrayList;
import java.util.List;

public class UserRealm extends AuthorizingRealm {

    @Autowired
    EmployeeService employeeService;
    @Autowired
    RoleServiceImpl roleService;
    @Autowired
    PermissionServiceImpl permissionService;
    @Autowired
    EmployeeRoleServiceImpl employeeRoleService;
    @Autowired
    RolePermissionServiceImpl rolePermissionService;

    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();

        //拿到登录对象
        Subject subject = SecurityUtils.getSubject();
        Object a = subject.getPrincipal();
        Employee currentEmployee=employeeService.selectByName(a.toString());
        //查出用户拥有的角色
        List<EmployeeRole> employeeRoles = employeeRoleService.selectById(currentEmployee.getId());
        List<Role> roles = new ArrayList<>();
        for (EmployeeRole er : employeeRoles) {
            roles.add(roleService.selectByPrimaryKey(er.getRoleId()));
        }
        List<RolePermission> rolePermissions = new ArrayList<>();
        List<Permission> permissions = new ArrayList<>();
        List<String> roles1 = new ArrayList<>();
        List<String> permissions1 = new ArrayList<>();
        for (Role r : roles) {
            rolePermissions.addAll(rolePermissionService.selectById(r.getId()));
            roles1.add(r.getName());
        }
        for (RolePermission rp : rolePermissions) {
            permissions.add(permissionService.selectByPrimaryKey(rp.getPermissionId()));
        }
        for (Permission p : permissions) {
            permissions1.add(p.getExpression());
        }
        if(currentEmployee.getAdmin()==true){
            info.addRole("admin");
            info.addStringPermissions(permissionService.selectAllExp());
        }
        info.addRoles(roles1);
        info.addStringPermissions(permissions1);

        return info;
    }

    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        UsernamePasswordToken userToken = (UsernamePasswordToken) token;
        Employee employee = employeeService.selectByName(userToken.getUsername());
        if (employee != null) {
            if (!userToken.getUsername().equals(employee.getName())) {
                return null;
            }
            //密码认证,交给Shirol
            String realName = getName();
            ByteSource salt = ByteSource.Util.bytes("name"); //对用户名进行加盐
            return new SimpleAuthenticationInfo(employee.getName(), employee.getPassword(), salt, realName);
//        return new SimpleAuthenticationInfo("",employee.getPassword(),"");
        } else {
            return null;
        }

    }
}
